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IN THE CLAIMS 

Please cancel Claim 1 without prejudice. 

1. (Cancelled) 

Please amend the claims as follows. 

2. (Currently Amended) An apparatus as claim e d in Claim 1 for providing a 
secure serial bus (USB) comprising a secure channel for transferring data, wherein said apparatus 
comprises a secure USB domain device coupled to an external host compute r, wherein said 
secure USB domain device comprises elements that are not accessible by said external host 
computer . 

3. (Original) An apparatus as claimed in Claim 2 wherein said secure USB 
domain device comprises: 

a USB memory device that is not accessible by said host computer; 
a USB processor that is not accessible by said host computer; 
a USB host controller that is not accessible by said host computer; and 
an internal USB bus that couples said USB memory device, said USB processor, and said 
USB host controller. 
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4. (Original) An apparatus as claimed in Claim 3 further comprising a USB 
node coupled to said USB bus, said USB node capable of being coupled to a USB tree. 

5. (Currently Amended) An apparatus as claimed in Claim 1 Claim 2 wherein said 
apparatus comprises a secure USB domain device embedded within a host computer. 

6. (Original) An apparatus as claimed in Claim 5 wherein said secure USB 
domain device comprises: 

a USB memory device that is not accessible by said host computer; 
a USB processor that is not accessible by said host computer; 
a USB host controller that is not accessible by said host computer; and 
an internal USB bus that couples said USB memory device, said USB processor, and said 
USB host controller. 

7. (Original) An apparatus as claimed in Claim 6 further comprising a virtual 
conduit interface coupled to said secure USB domain device and coupled to at least one non- 
USB device, said virtual conduit interface capable of providing a secure USB channel for 
transferring information to said at least one non-USB device. 
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8. (Currently Amended) An apparatus for providing a secure universal serial 
bus (USB) capable of transferring information over a secure channel to and from a device 
coupl e d to a host computer, wh e r e in said host comput e r is coupl e d to oth e r host comput e rs in a 
data n e twork , said apparatus comprising: 

at least one host computer capable of supporting USB input/output devices, said at least 
one host computer comprising a USB bus, USB client software, and USB [[S]] system software; 
and 

a secure USB domain device capable of at least one of: blocking outgoing data flows of 
confidential information, forwarding outgoing data flows of encrypted confidential information, 
and forwarding outgoing data flows of non-confidential information. 

9. (Currently Amended) The apparatus as claimed in Claim 8 wherein said 
secure USB domain device comprises: 

a plurality of USB devices; 

a first set of data channels for exchanging data with each of said plurality of USB 
devices; and 

a second set of data channels for exchanging data b e tw e en said s e cur e USB domain 
devic e and with said at least one host computer. 
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10. (Original) An apparatus as claimed in Claim 8 wherein said secure USB 
domain device is embedded within said at least one host computer. 

11. (Currently Amended) An apparatus as claimed in Claim 10 wherein said 
secure USB domain device comprises: 

a USB bus; 

a memory coupled to said USB bus capable of storing each data packet that is at least one 
of sent from rer and received by [[,]] said secure USB domain device, said memory containing a 
set of buffers, each of said buffers comprising [[es]] data associated with at least one of: said 
[[H]] at least one h ost computer and or to said a device coupled to said at least one host 
computer ; 

circuitry coupled to said USB bus, said circuitry capable of forwarding commands and 
requests for information received in said secure USB domain device to corresponding devices ; 

a processor coupled to said USB bus, said processor capable of at least one of: classifying 
data packets, controlling forwarding operations, and controlling encryption operations; and 

a USB host controller coupled to said USB bus, said USB host controller capable of 
managing data flow between said at least one host computer and a plurality of USB devices. 
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12. (Original) An apparatus as claimed in Claim 11 wherein said apparatus 
further comprises a virtual conduit interface coupled to said secure USB domain device and 
coupled to at least one non-USB device, said virtual conduit interface capable of providing a 
secure USB channel for transferring information to said at least one non-USB device. 

13. (Currently Amended) An apparatus as claimed in Claim 8 wherein said 
secure USB domain device is external to and coupled to said at least one e xt e rnal host computer. 
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14. (Currently Amended) An apparatus as claimed in Claim 13 wherein said 

secure USB domain device comprises: 
a USB bus; 

a memory coupled to said USB bus capable of storing each data packet that is at least one 
of sent from re? and received by [[,]] said secure USB domain device, said memory containing a 
set of buffers, each of said buffers comprising [[es]] data associated with at least one of: said 
[[H]] at least one h ost computer and or to said a device coupled to said at least one host 
computer ; 

circuitry coupled to said USB bus, said circuitry capable of forwarding commands and 
requests for information received in said secure USB domain device to corr e sponding devices ; 

a processor coupled to said USB bus, said processor capable of at least one of: classifying 
data packets, controlling forwarding operations, and controlling encryption operations; and 

a USB host controller coupled to said USB bus, said USB host controller capable of 
managing data flow between said at least one host computer and a plurality of USB devices. 
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15. (Currently Amended) A method for providing a secure universal serial bus 

(USB) capable of transferring information over a secure channel to and from a devic e coupl e d to 
a host comput e r, wh e r e in said host comput e r is coupl e d to oth e r host comput e rs in a data 
n e twork , said method comprising the steps of: 

providing at least one host computer capable of supporting USB input/output devices, 
said at least one host computer comprising a USB Bus, USB client software, and USB [[S]] 
system software; and 

providing a secure USB domain device capable of at least one of: blocking outgoing data 
flows of confidential information, forwarding outgoing data flows of encrypted confidential 
information, and forwarding outgoing data flows of non-confidential information. 
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16. (Currently Amended) The method as claimed in Claim 15 wherein the 

step of providing a secure USB domain device capable of at least one of: blocking outgoing data 
flows of confidential information, forwarding outgoing data flows of encrypted confidential 
information, and forwarding outgoing data flows of non-confidential information, comprises the 
steps of: 

storing each data packet received by said secure USB domain device in a memory 
containing a set of buffers, each of said buffers comprising data associated with at least one of: 
said at least one host computer [[,]] and [[said]] a device coupled to said at least one host 
computer; 

forwarding commands and requests for information received in said secure USB domain 
device to a corr e sponding device ; 

classifying each data packet sent from said device coupled to said at least one host 
computer to said secure USB domain device to one of: a first data type that requires no 
intervention [[,]] and a second data type that requires intervention according to a buffer 
association; 

forwarding data packets of the first type that are originated at said device to said at least 
one host computer; 

blocking data packets of the second type that contain confidential information; 
forwarding data packets of the second type that contain encrypted confidential 
information; and 

forcing any exchange of data between said at least one host computer and said device 
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coupled to said at least one host computer to flow through said secure USB domain device. 

17. (Currently Amended) The method as claimed in claim 16, wherein the 

step of blocking data packets of the second type that contain confidential information, and the 
step of forwarding data packets of the second type that contain encrypted confidential 
information, comprise the steps of: 

interrogating a header of each data packet of the second type to reveal [[the]] a type of 
information required from a d e vic e; 

transferring said information in an encrypted form if the information is required at 
another host computer for further actions; and 

p e rforming th e following st e ps if said information is required for data verification: 
blocking the data packet; 

receiving verification information from said at least one host computer in an 
encrypted form; 

decrypting said verification information; 

comparing said [[en]] decrypted verification information with information 
received from said device coupled to said at least one host computer ; and 

providing said at least one host computer with an indication verifying whether a 
match was detected. 
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18. (Currently Amended) The method as claimed in Claim 15, wherein secure 
information is transferred between said at least one host computer and said secure USB domain 
device in a enciphered form, thereby establishing at least one secure data channel between said at 
least one host computer and said secure USB domain device. 

19. (Original) The method as claimed in Claim 15, wherein data flows from a 
first device to a second device directly through said secure USB domain device without utilizing 
resources of said host computer. 

20. (Original) The method as claimed in Claim 15, further comprising the steps 

of: 

coupling a virtual conduit interface to said secure USB domain device; 
coupling said virtual conduit interface to at least one non-USB device; and 
using said virtual conduit interface to provide a secure USB channel for transferring 
information to said at least one non-USB device. 
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